Technical Overview of Java for Smartcards
Anshuman Sinha
Presentation
  • Java Card
  • Global Platform
  • Java Card Applets
  • Client Software
Anshuman Sinha <anshuman.sinha2@gmail.com>
Why Java for Smartcards?
  • Popular high-level language, object-oriented, large programmer base …
  • Write once and run anywhere
  • Any vendor's smart card (interoperability)
  • Any vendor's secure controller (portability)
  • Open programmable platform for third-party application development
  • Java Card is the winner … SIM, PIV, TWIC etc.
Java Platforms
[Figure: Java platforms; labels: Java Platform Size, Machine Size]
Java Card Tool Chain
[Figure: tool chain diagram; labels: .java files, Compiler, .class files, Converter, .exp files, .jca files, .cap files, Loader, Java smartcard]
  • Use any Java compiler
  • Use favorite development environment
  • Loader is specific
Java Card Block Diagram
[Figure: block diagram; labels: Smartcard Controller + Cryptography Co-processor, Card Operating System, Java Card VM, Java Card Runtime Environment (JCRE), Java Card API, Vertical API(s), Card Manager, Applet 1, Applet 2, Applet 3, Currently Selected Applet, APDU, Response]
Hardware
[Figure: hardware diagrams; labels: Smartcard Contacts (Clk, I/O, Reset, Vcc, GND), CPU, NPU, ROM, RAM, EEPROM, Chip Controller, Memory, Security & Address Logic, R/F Interface, Antenna Coil, Clk, Mod, Demod]
Java Card Operating System
[Figure: operating system diagram; labels: Terminal Command, Process Loop, ISO Commands, ISO File System (MF, DF1, DF2, EF 1, EF 2), File System, File context, Crypto algorithms, Data Integrity, Memory Management, Hardware Interfaces, Memory write/erase, Access Controller, EEPROM/Flash Memory, Write Log, Begin Transaction, Tear]
  • Anti-Tearing: if no tear, clear the transaction buffer
  • Anti-Tearing: if tear, roll back the update as if no write occurred
Java Card Runtime Environment
[Figure: runtime environment diagram; labels: Applet 1, Applet 2, Applet 3, Currently Selected Applet, Applet Firewall, Applet Data and Code, Java Bytecode Storage, Java Object Store]
  • Java Applet Storage
  • Java Heap Storage
  • Java Native Interface
  • Applet Selection
  • Applet Instantiation
  • Applet Context
  • Exception Handling
  • Session Anti-tearing
  • Random security checks
  • Firewalling
Applet Firewalling
  • On Java Card the applets are firewalled, which means one applet can't access the objects of another at runtime.
  • Each applet has its own Context.
  • The applet firewall is the separation of one context from another.
  • The JCRE has the global context. It has access privileges to the objects / fields of any applet.
Smartcard Protocols
  • 7816-4: Inter-industry commands for interchanges
Contact stack
  • 7816-1: Physical characteristics
  • 7816-2: Dimension and locations of the contacts
  • 7816-3: Electronic signals and transmission protocol
  • 7816-3: T=1/T=0 transmission protocol
Contactless stack
  • 14443-1: Physical characteristics
  • 14443-2: RF power and signal I/F
  • 14443-3: Initialization and anticollision
  • 14443-4: Transmission protocol
Java Card 2.2.2 API
Core Packages
  • java.io
  • java.lang
  • java.rmi service
  • javacard.framework: Applet, AID, APDU …
  • javacard.security: DESKey, AESKey, Checksum …
  • javacard.framework.service
  • javacardx.crypto: DES algorithm, AES algorithm, RSA … and ECC
  • javacardx.apdu
  • javacardx.biometry
  • javacardx.external
  • javacardx.framework.math
  • javacardx.framework.util
  • javacardx.framework.util.intx
Java Subsetting
  • Multi-threading
  • String handling
  • Dynamic class loading
  • Security Manager
  • Card Manager
  • Garbage collection and finalization
  • Object cloning
  • Access control in Java packages
Fully Supported Features
  • Packages
  • Dynamic object creation
  • Transient objects
  • Virtual methods / inheritance
  • Interfaces
  • Exceptions
  • Pseudo-garbage collection
Partially Supported Features
  • The Object class is the root class of all objects, but not all of its methods are supported.
  • The Throwable class is not fully supported, but it is available as the root class of all exceptions thrown.
Token-based Linking
  • Items are referenced as opaque tokens.
  • Linking can be done either on-card or off-card.
  • There is no need to know internal implementation details of the on-card API to link cardlets off-card.
  • Works efficiently with the limited resources (RAM) on the card.
  • The converter refers to the export file of a package to link to external items.
  • It picks the external token from the export file and puts it in the CAP file of the package.
  • Since the name-to-token mapping is published in the export file, the tokens can be assigned in any order.
Java Execution Engine
[Figure: execution engine diagram; labels: Runtime, Applet Context, Applet (package), JCRE Context, Frame (Operands, Locals, 16-bit word), Bytecode Handlers, Native Table Function, Java Heap; numbered steps: 1. Fetch, 2. Execute, 3. Increment, Update]
Security Exception
Instructions which throw SecurityException:
  • All invokes (static/special/interface)
  • getfields and putfields
  • checkcast
  • instanceof
  • athrow
  • arraylength
Security is built into the bytecodes: the Java Card virtual machine can throw a runtime exception on these bytecodes.
Exceptions
  • An exception object takes a 2-byte reason code, instead of a message string, as the parameter to the exception class.
  • Exceptions are of two types: checked and unchecked.
  • Checked exceptions must be caught and declared by keyword throws in the method body.
Exceptions
  • Unchecked exceptions, or runtime exceptions, are runtime errors thrown by the JCVM or JCRE.
  • Known exception objects are pre-created; an application supplies the reason code and calls the throwIt method.
Presentation
  • Java Card Design
  • Global / Open Platform
  • Applets
  • Client Software
Global Platform
  • Global Platform specifies secure, dynamic card and application management using commands, policies, transaction sequences and interfaces that are hardware neutral
  • System, Terminal and Card Specifications
Card Specifications
  • Defines the loading of applets to the card, both pre- and post-issuance
  • Registers applets to a Security Domain
  • Verifies the source of application code by validating its signature
  • Opening and closing of an (SSL-like) secure channel
  • Application management: Install and Delete
  • Card management and life cycle
Card Manager Life Cycle
[Figure: state diagram of the Card Manager life cycle]
  • OP_Ready: Card Manager acts as default selected application; initialisation key controls access
  • Initialised: at least one key set loaded
  • Secured: post-issuance mode (at least MACing required)
  • CM_Locked: all applications locked; only Card Manager is available
  • Terminated: end of card life cycle (card is mute)
  • Transition labels: APDU Set Status, API lockCardManager, API terminateCardManager
Applet Life Cycle
[Figure: state diagram of the applet life cycle]
  • Installed: application is installed (instantiated) but not available yet
  • Selectable: application is available (activated)
  • Personalized: application has been personalized
  • Blocked: application is blocked, but behaviour is application-dependent
  • Locked: application is locked (not available); only Card Manager can unlock
  • Deleted
  • Transition labels: APDU Install, APDU Set Status, API setCardContentState, APDU Delete
Applet Loading
[Figure: applet loading diagram; labels: HOST (Card Issuer, Application Provider A, Application Provider B), OPEN NETWORK, Secure Channel, Java Card Applet, Applet chunks, CARD (Card Manager, Security Domain A, Security Domain B, Applet, Applet)]
Java Card Applets [1/2]
  • Extension of javacard.framework.Applet
  • Applet has the following methods …
  • deselect(): called by JCRE before selection of another applet.
  • getShareableInterfaceObject(..): called by JCRE on behalf of client applet to get all methods which are shared …
  • install(..)
Java Card Applets [2/2]
  • process(APDU): called by JCRE to process application specific commands
  • register(..)
  • select(): called by JCRE when this applet is selected
  • selectingApplet(): called by JCRE to return any data back to terminal while the applet is being selected
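A minimal applet tying together the Applet methods listed above, the reason-code exceptions raised through throwIt, and session anti-tearing. This is an added example, not code from the presentation; the package name, class name, CLA/INS values and starting balance are constructed for illustration.

```java
package example.purse; // hypothetical package name

import javacard.framework.APDU;
import javacard.framework.Applet;
import javacard.framework.ISO7816;
import javacard.framework.ISOException;
import javacard.framework.JCSystem;
import javacard.framework.Util;

public class PurseApplet extends Applet {
    // Constructed command bytes, used by this example only.
    private static final byte CLA_PURSE = (byte) 0x80;
    private static final byte INS_DEBIT = (byte) 0x10;
    private static final byte INS_READ  = (byte) 0x20;

    // Persistent fields: both must change together or not at all.
    private short balance = 100; // constructed starting value
    private short lastDebit;

    private PurseApplet() {
        register(); // make this instance known to the JCRE
    }

    // Called by the JCRE to create the applet instance.
    public static void install(byte[] bArray, short bOffset, byte bLength) {
        new PurseApplet();
    }

    public void process(APDU apdu) {
        if (selectingApplet()) {
            return; // the SELECT command itself; answer with status 0x9000
        }
        byte[] buf = apdu.getBuffer();
        if (buf[ISO7816.OFFSET_CLA] != CLA_PURSE) {
            // No message string: only a 2-byte reason code reaches the terminal.
            ISOException.throwIt(ISO7816.SW_CLA_NOT_SUPPORTED);
        }
        switch (buf[ISO7816.OFFSET_INS]) {
        case INS_DEBIT:
            short amount = (short) (buf[ISO7816.OFFSET_P1] & 0xFF);
            if (amount > balance) {
                ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
            }
            // If power is lost before commit, the JCRE rolls both writes back.
            JCSystem.beginTransaction();
            balance = (short) (balance - amount);
            lastDebit = amount;
            JCSystem.commitTransaction();
            break;
        case INS_READ:
            Util.setShort(buf, (short) 0, balance);
            Util.setShort(buf, (short) 2, lastDebit);
            apdu.setOutgoingAndSend((short) 0, (short) 4);
            break;
        default:
            ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
        }
    }
}
```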
Client Software
  • Java Client Software
  • PCSC / JPCSC: reader connections
  • Card Detection
  • Service Registry
  • Applet Loading
  • Splits applet into chunks
  • Loading and verification
  • Application-based commands, e.g. PIV: reading image of cardholder
  • Test Suites
  • Visual Basic Scripting
  • Java Client
PCSC/JPCSC Design
[Figure: PC/SC architecture diagram; labels: ICC Aware Application, Service Providers, ICC Resource Manager, IFD Handler (×3), IFD (×3), ICC (×3), RS232, PS/2]
References
  • Java Card specifications
  • Global Platform specifications
  • ISO 7816 and 14443 standards
  • PC/SC specifications
  • NIST SP 800-73 specifications for PIV
  • … and others
